We only support the most recent version of the DoHClient Python Module. Security updates will be applied to the latest version, so please make sure to update your dependencies regularly.

If you discover a security vulnerability in the DoHClient project, please take the following steps:

• DO NOT open an issue on GitHub, as this would publicly disclose the vulnerability.
• Contact the maintainers securely. You can find contact details in the README or, if available, the MAINTAINERS file in the repository.

• Include as much information as possible to help the maintainers understand the scope and severity of the issue.
• Describe the steps to reproduce the vulnerability, if applicable.

• Please allow a reasonable amount of time for the maintainers to assess and fix the vulnerability.
• We will acknowledge your report within 5 business days and provide an estimated timeline for a fix.

• Do not disclose the vulnerability publicly until the maintainers have fixed it and made an announcement.
• Following the resolution of the issue, you are welcome to disclose it responsibly.

Once we receive a vulnerability report:

1. We will assess the vulnerability's impact on the project.
2. If necessary, we will release a security patch and update the affected version.
3. We will publicly disclose the issue after a majority of users have updated to the secure version.

People reporting security vulnerabilities will be acknowledged in our project documentation, unless they request to remain anonymous.